Systems and methods for providing security via interactive media

ABSTRACT

Methods and systems for providing security and verifying a human user and/or an authorized user are described. A system may include a processor and a non-transitory, processor-readable storage medium. The non-transitory, processor-readable storage medium may include one or more programming instructions that, when executed, cause the processor to receive a request to access a secured resource, provide a verification challenge to a user via a user interface, receive at least one input from the user in response to the verification challenge, and determine that the at least one input corresponds to at least one parameter indicative of a human user. The verification challenge may include a game.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. application Ser. No.16/128,751 filed Sep. 12, 2018 entitled, “SYSTEMS AND METHODS FORPROVIDING SECURITY VIA INTERACTIVE MEDIA,” which is a continuation ofU.S. application Ser. No. 14/775,378 filed Sep. 11, 2015 entitled,“SYSTEMS AND METHODS FOR PROVIDING SECURITY VIA INTERACTIVE MEDIA,”which is a national stage filing under 35 U.S.C. § 371 of InternationalApplication No. PCT/US2014/023122 filed Mar. 11, 2014 entitled “SYSTEMSAND METHODS FOR PROVIDING SECURITY VIA INTERACTIVE MEDIA,” which in turnclaims the priority benefit of U.S. Provisional Patent Application No.61/778,132, filed Mar. 12, 2013 entitled “SECURITY SYSTEMS USINGINTERACTIVE MEDIA,” the contents of which are incorporated herein byreference in their entirety.

BACKGROUND

Personal security, particularly with respect to the Internet, has been aprimary concern for individuals and business that conduct activitiesonline. Entities devoted to security subversion have become increasinglysophisticated and have been able to circumvent some of the strongestsecurity measures in the world. Accordingly, there exists a constantneed for improved security measures.

Illustrative methods of subverting security measures may involve usingone or more computing systems, such as a bot, a botnet, and/or the like,to generate an attack. Such methods can be particularly useful in usingautomated techniques to guess passwords. Previous attempts to preventsuch automated techniques have resulted in security measures that usechallenge-response testing to determine whether an entity requestingaccess to an account is a human or a computing system. Suchchallenge-response testing generally requires an entity to entercharacters from a distorted image to verify that the entity is a humanuser. For a time, the challenge-response testing was successful inverifying an entity was human. However, advances in computing technologyhave made such challenge-response testing less effective.

Other illustrative methods of subverting security measures may includeunauthorized users posing as authorized users to gain access to asecured resource. In such methods, the unauthorized user may haveinformation pertinent to an authorized user that is used to “trick” thesecurity measures into allowing the unauthorized user access to thesecured resource. Current methods include requiring an authorized userto provide additional security information when setting up an account,such as, for example, a mother's maiden name, a name of a dog, an oldaddress, and/or the like. However, such information is easily obtainableby unauthorized users.

SUMMARY

In an embodiment, a system may include a processor and a non-transitory,processor-readable storage medium. The non-transitory,processor-readable storage medium may include one or more programminginstructions that, when executed, cause the processor to receive arequest to access a secured resource, provide a verification challengeto a user via a user interface, receive at least one input from the userin response to the verification challenge, and determine that the atleast one input corresponds to at least one parameter indicative of ahuman user. The verification challenge may include a game.

In an embodiment, a system may include a processor and a non-transitory,processor-readable storage medium. The non-transitory,processor-readable storage medium may include one or more programminginstructions that, when executed, cause the processor to receive arequest to access a secured resource, provide a verification challengeto a user via a user interface, receive at least one input from the userin response to the verification challenge, and determine that the atleast one input does not correspond to at least one parameter indicativeof a human user. The verification challenge may include a game.

In an embodiment, a method may include receiving, by a processor, arequest to access a secured resource, providing, by the processor, averification challenge to a user via a user interface, receiving, by theprocessor, at least one input from the user in response to theverification challenge, and determining, by the processor, that the atleast one input corresponds to at least one parameter indicative of ahuman user. The verification challenge may include a game.

In an embodiment, a method may include receiving, by a processor, arequest to access a secured resource, providing, by the processor, averification challenge to a user via a user interface, receiving, by theprocessor, at least one input from the user in response to theverification challenge, and determining, by the processor, that the atleast one input does not correspond to at least one parameter indicativeof a human user. The verification challenge may include a game.

In an embodiment, a system may include a processor and a non-transitory,processor-readable storage medium. The non-transitory,processor-readable storage medium may include one or more programminginstructions that, when executed, cause the processor to receive arequest to access a secured resource, provide a verification challengeto a user via a user interface, receive at least one input from the userin response to the verification challenge, and determine that the atleast one input corresponds to at least one parameter indicative of anauthorized user. The verification challenge may include a game.

In an embodiment, a system may include a processor and a non-transitory,processor-readable storage medium. The non-transitory,processor-readable storage medium may include one or more programminginstructions that, when executed, cause the processor to receive arequest to access a secured resource, provide a verification challengeto a user via a user interface, receive at least one input from the userin response to the verification challenge, and determine that the atleast one input does not correspond to at least one parameter indicativeof an authorized user. The verification challenge may include a game.

In an embodiment, a method may include receiving, by a processor, arequest to access a secured resource, providing, by the processor, averification challenge to a user via a user interface, receiving, by theprocessor, at least one input from the user in response to theverification challenge, and determining, by the processor, that the atleast one input corresponds to at least one parameter indicative of anauthorized user. The verification challenge may include a game.

In an embodiment, a method may include receiving, by a processor, arequest to access a secured resource, providing, by the processor, averification challenge to a user via a user interface, receiving, by theprocessor, at least one input from the user in response to theverification challenge, and determining, by the processor, that the atleast one input does not correspond to at least one parameter indicativeof an authorized user. The verification challenge may include a game.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 depicts a flow diagram of an illustrative method of verifying ahuman user according to an embodiment.

FIG. 2 depicts a flow diagram of a second illustrative method ofverifying a human user according to an embodiment.

FIG. 3 depicts a flow diagram of a third illustrative method ofverifying a human user according to an embodiment.

FIG. 4 depicts a flow diagram of a fourth illustrative method ofverifying a human user according to an embodiment.

FIG. 5 depicts a block diagram of an illustrative networked systemaccording to an embodiment.

FIG. 6 depicts a block diagram of an illustrative computing deviceaccording to an embodiment.

FIG. 7 depicts an illustrative verification challenge according to anembodiment.

FIG. 8 depicts a second illustrative verification challenge according toan embodiment.

FIG. 9 depicts a third illustrative verification challenge according toan embodiment.

FIG. 10 depicts a fourth illustrative verification challenge accordingto an embodiment.

FIG. 11 depicts a fifth illustrative verification challenge according toan embodiment.

FIG. 12 depicts a sixth illustrative verification challenge according toan embodiment.

DETAILED DESCRIPTION

This disclosure is not limited to the particular systems, devices andmethods described, as these may vary. The terminology used in thedescription is for the purpose of describing the particular versions orembodiments only, and is not intended to limit the scope.

As used in this document, the singular forms “a,” “an,” and “the”include plural references unless the context clearly dictates otherwise.Unless defined otherwise, all technical and scientific terms used hereinhave the same meanings as commonly understood by one of ordinary skillin the art. Nothing in this disclosure is to be construed as anadmission that the embodiments described in this disclosure are notentitled to antedate such disclosure by virtue of prior invention. Asused in this document, the term “comprising” means “including, but notlimited to.”

The following terms shall have, for the purposes of this application,the respective meanings set forth below.

A “user” is not limited by this disclosure, and includes one or moreentities or people using of any of the components and/or elementsthereof as described herein. For example, a user can be a researcher, anexpert, a player, an administrator, a developer, a group of individuals,and/or the like. In some embodiments, interactions between multipleusers may be various users of the same category, such as, for example,multiple players, multiple researchers, multiple experts, multipleadministrators, multiple developers, multiple groups, and/or the like.In some embodiments, interactions between multiple users may be varioususers of differing categories, such as, for example, a player and aresearcher, a player and an expert, a player and an administrator,and/or the like. A “human user” refers to a user who is a human beingthat accesses a user interface. A “non-human user” refers to any otheruser, particularly a machine, a computing device, or the like, thataccesses a user interface, usually under the direction of a human userfor malicious or non-malicious purposes. The non-human user may also bereferred to herein as a “bot.” Accordingly, the terms may be usedinterchangeably herein.

An “electronic device” refers to a device that includes a processor anda tangible, computer-readable memory or storage device. The memory maycontain programming instructions that, when executed by the processingdevice, cause the device to perform one or more operations according tothe programming instructions. Examples of electronic devices includepersonal computers, supercomputers, gaming systems, televisions, mobiledevices, medical devices, telescopes, satellites, recording devices,automatic teller machines, kiosks, electronic locks, and/or the like.

A “mobile device” refers to an electronic device that is generallyportable in size and nature, or is capable of being operated while intransport. Accordingly, a user may transport a mobile device withrelative ease. Examples of mobile devices include pagers, cellularphones, feature phones, smartphones, personal digital assistants (PDAs),cameras, tablet computers, phone-tablet hybrid devices (“phablets”),laptop computers, netbooks, ultrabooks, global positioning satellite(GPS) navigation devices, in-dash automotive components, media players,watches, and the like.

A “computing device” is an electronic device, such as a computer, aprocessor, a memory, and/or any other component, device or system thatperforms one or more operations according to one or more programminginstructions.

A “secured resource” refers to one or more objects, locations, and/orsystems to which access is restricted or partially restricted by asecurity device and/or a security feature. A secured resource may be,for example, a physical location, such as a building or a room in abuilding. Such a secured resource may also include a security devicesuch as a locking mechanism on a door. A secured resource may also be anoutdoor location, protected by, for example, a fence with a lockinggate. A secured resource may also be a garage or parking area, where thesecurity device may be, for example, a garage door or vehicle barrier. Asecured resource may be at least one computer and/or components thereof,at least one computer network, at least one electronic device, and/orthe like where the security device may be, for example, a microprocessorand/or other electronic circuitry programmed to selectively restrict useof the secured resource.

A “user interface” is an interface which allows a user to interact witha computer or computer system. The user interface may also be referredto as a “human interface device.” A user interface may generally provideinformation or data to the user and/or receive information or data fromthe user. The user interface may enable input from a user to be receivedby the computer and may provide output to the user from the computer.Accordingly, the user interface may allow a user to control ormanipulate a computer and may allow the computer to indicate the effectsof the user's control or manipulation. The display of data orinformation on a display or a graphical user interface is a non-limitingexample of providing information to a user. The receiving of datathrough a keyboard, mouse, trackball, touchpad, pointing stick, graphicstablet, joystick, gamepad, webcam, headset, gear sticks, steering wheel,pedals, wired glove, dance pad, remote control, and accelerometer arenon-limiting examples of user interface components which enable thereceiving of information or data from a user.

“Gameplay” refers to a specific way in which one or more users interactwith a game and includes all interaction between the one or more usersand the game. Gameplay can be a pattern defined through one or more gamerules, a connection between a user and the game, a challenge presentedto a user from the game, a method employed by a user in overcoming thechallenges, a plot of the game, turn-by-turn directions in a game, auser's interaction with computer-generated characters and situations, auser's interaction with other users, and a user's connection to thegame. The gameplay can be interesting, therapeutic, beneficial, and/orengaging to the user, thereby increasing the likelihood that the userinteracts with the game for extended periods of time, provideshigh-quality inputs (for example, relevant and significant inputs), andreturns to play the game multiple times.

A “game” refers to a board game, an electronic game, a gesture-basedgame, a massively multiplayer online game (MMOG), a social network-basedgame, a complex game, and/or the like, and may further include anynumber of activities, exercises, and interactions. The game may becreated by a software developer, an administrator, or the like. In someembodiments, creation of the game may be completed by a user based uponthe user's interaction with another game. While the present disclosuregenerally relates to games for verifying a human user, those skilled inthe art will recognize that the scope of the present disclosure mayadditionally relate to entertainment, therapeutic exercises, learningand development exercises, medical diagnosis exercises, feedbackgathering exercises, proof of human input systems, exercises forassessment and evaluation, interactive advertising, newsfeed gathering,personal content organization, and the like. Furthermore, the datacollected from activities presented herein may further be used forpurposes such as data mining, information retrieval, data organization,data sorting, data indexing, analytic gathering, known problems, andscientific problems. In some embodiments, the data may be used foradvertising content customization and/or recommendations systems.

Current techniques for providing a security feature and restrictingaccess to a secured resource include, for example, a security keypadand/or a card reader that is physically present at the entrance to alocation or on an electronic device, security firewalls that interfaceon an electronic device or through a network, and measures that preventnon-human access to a secured resource such as a Completely AutomatedPublic Turing test to tell Computers and Humans Apart (CAPTCHA). Suchsecurity features are subject to circumvention due to passcode/PINnumber theft via shoulder surfing, guesswork, and/or the like. Certainbiometric features may be useful in avoiding circumvention attempts, butmay be more expensive and may require sophisticated algorithms andresources to implement.

The present disclosure relates generally to systems and methods forproviding a security feature that verifies that a user requesting accessto a secured resource is a human user and/or an authorized user. Thesecurity feature may incorporate an interactive interface for the userto play a game. The security feature only allows access to human usersafter the game is played under particular parameters such that a humanpresence at the interactive interface is verified. The security featurealso only allows access to authorized users by learning particularinputs and/or obtaining particular data specific to an authorized userthat an unauthorized user would not be able to fake or obtain. Thus, thesecurity feature may be adaptive such that it can learn how a userthinks and/or behaves over time and adapt to the learned information.Accordingly, the security feature, after learning about a user, iscapable of intelligently recognizing the user. In some embodiments, thesystems and methods described herein can be used in a clinical setting,such as, for example, to ensure that a user is sufficiently cognitivelyaware to gain access to the secured resource. Thus, if a user with acognitive impairment wishes to unlock a door, he/she may be required tocorrectly provide inputs in response to a verification challenge thatconfirm his/her cognitive awareness.

FIGS. 1-4 depict flow diagrams of illustrative methods of verifying ahuman user and/or an authorized user according to various embodiments.The methods depicted in FIGS. 1-4 may be used alternatively or inconjunction with each other. Thus, for example, the method of FIG. 2 maybe incorporated with the method of FIG. 4 such that the processesperformed according to both figures are completed.

FIG. 1 depicts a flow diagram of a first illustrative method ofverifying a human user and/or an authorized user according to anembodiment. The method may include receiving 105 a request, such as, forexample, a request to access a secured resource. The request maygenerally come from a user, particularly a user of an electronic device.The request is not limited by this disclosure, and may generally be anytype of request. For example, a request may be received 105 when a userclicks on a link to a secured resource, when a user attempts to enter apassword, a passcode, a PIN number, and/or the like, when a user types aweb address of a secure server, when a user provides biometric data(such as a fingerprint or a retinal scan) to a secure entry interface,when a user attempts to purchase an item, when a user activates anelectronic device, when a user turns an electronic device on, and/or thelike.

The method may further include providing 110 a verification challenge tothe user. In some embodiments, the verification challenge may generallybe any challenge that verifies the user is a human user. Thus, theverification challenge provides a method of determining whether a useris human or non-human, such as a bot. In some embodiments, theverification challenge may generally be any challenge that verifies theuser is an authorized user. Thus, the verification challenge provides amethod of determining whether a user is authorized or unauthorized. Insome embodiments, the verification challenge may be a game. Illustrativegames include, but are not limited to, a floating balloon game, a mazegame, a cutting game, a puzzle game, and a memory game. In someembodiments, the verification challenge may include one or more requeststhat the user complete certain tasks. In some embodiments, providing 110the verification challenge may further include stipulating that the userprovide information regarding other users that is known only to theuser. For example, a user may need to know an aspect of another user'sgameplay, achievements, avatars, collectibles, levels, status, and/orthe like in order to respond to a verification challenge. Accordingly,in instances where a hacker has obtained the user's information, he/shewould not be able to access the secured resource without obtaininginformation regarding additional users. Illustrative verificationchallenges will be described in greater detail with respect to FIGS.7-12 herein.

At least one input may be received 115 from the user in response to theprovided 110 verification challenge. The at least one input maycorrespond to one or more of the user's responses to the verificationchallenge. Illustrative inputs may include keystrokes, gestures, audioinputs, video inputs, haptic inputs, and/or various touch commands, suchas, for example, a swipe, a tap, a double tap, a pinch, and/or the like.In some embodiments, the input may be received 115 over a particularperiod of time, as described in greater detail herein. The number ofinputs is not limited by this disclosure, and may generally be anynumber that is provided by the user, particularly a number of inputsnecessary to respond to the verification challenge. In some embodiments,no input may be received. For example, if an input is not receivedwithin a particular period of time, it may be determined that no inputhas been received. The period of time is not limited by this disclosure,and may generally be any period of time. Illustrative periods of timemay include, but are not limited to, about 30 seconds, about 1 minute,about 2 minutes, about 3 minutes, about 4 minutes, about 5 minutes,about 6 minutes, about 7 minutes, about 8 minutes, about 9 minutes,about 10 minutes or greater, or any value or range between any two ofthese values (including endpoints). In such an instance, the request istreated as non-responsive and access is denied 125 to the user, asdescribed in greater detail herein.

The method may further include determining 120 whether the inputsreceived 115 correspond to inputs expected of a human user and/or anauthorized user. Such a determining step may include, for example, anyone of receiving each input, determining a timing of the input,receiving inputs from one or more sensors, and/or receiving locationdata.

Determining a timing of each input may generally include observing anamount of time that elapses between when the verification challenge isprovided 110 and when the input (or first input in a series of inputs)is received 115. The amount of time may generally be an expected amountof time necessary for the user to respond to the challenge. Such anexpected amount of time may be developed via observation, testing,estimation, experience, and/or the like. In some embodiments, theexpected amount of time may be a range of expected amounts of time. Insome embodiments, the expected amount of time may be an amount of timethat has been learned after observing the authorized user's tendenciesover several login attempts to determine how much time the user takes toprovide the inputs. If the input (or first input in a series of inputs)is received from the user outside of the expected time, it may bedetermined that the user is non-human or unauthorized. For example, ifan input is received at a time that is less than the expected time, suchan input may be determined as being received from non-humans, ascomputers, machines, and/or the like may be capable of responding tostimuli much more quickly than a human would be able to respond.Similarly, if an input is received at a time that is greater than theexpected time, such an input may be determined as being received from anon-human or an unauthorized user. In particular, computers, machinesand/or the like may be capable of copying the verification challenge andattempting numerous iterations to determine how to bypass it beforeproviding an input. Similarly, unauthorized users may be capable oftaking extra time to determine an appropriate input, such as byresearching a correct response and/or the like. In some embodiments,determining a timing of a plurality of inputs may include observingpauses and/or periods of inactivity between inputs. Such pauses and/orperiods of inactivity may be indicative of a human or a non-human user,as well as an authorized or unauthorized user, depending on the type ofverification challenge.

Receiving an input from one or more sensors may generally includereceiving information gathered by a sensor and using the information todetermine whether the user is a human and/or authorized. The type ofsensor is not limited by this disclosure, and may be any device capableof receiving stimuli. Illustrative examples of sensors may include, butare not limited to, a biometric sensor, a camera, a microphone, a touchsensor, a motion sensor, an accelerometer, a barometer, an infraredsensor, and/or the like. For example, a biometric sensor may be used todetermine if a user is human by obtaining a retinal scan, a fingerprint,a handprint, a body temperature reading, and/or any other type ofmeasurement that would reasonably only come from a human, as machines,computers, and/or the like would have difficulty replicatingbiometrically obtained information. Furthermore, a biometric sensor maybe used to verify that the human user is an authorized human user byreading biometric markers that an unauthorized user would not be able tofake or could not reasonably know/discover. In another example, a cameramay be used to view the user and/or recognize a body part, such as aface, of the user to verify that the user is human and/or an authorizedhuman. In another example, a microphone may be used to receive audioinputs from a user, such as voice commands, whistling, and/or the like.In some embodiments, the biometrically obtained information may be usedto determine whether the user is under duress (for example, by measuringpulse rate, eye movement, respiration rate, perspiration, and/or thelike). Such a determination may be an indicator that the user is beingforced to enter information against his/her own will.

Receiving location data may generally be obtained using one or moregeolocation technologies. For example, location data may be received viaa global positioning satellite (GPS) system, via a cellular telephonenetwork system, via a wireless communication protocol system, and/or thelike. Such location data may be used to verify that the user is locatedin an expected area. For example, a permanently-located keypad inDenver, Colo. would reasonably be expected to transmit geolocationcoordinates that correspond to its permanent installation when itreceives inputs from a user. However, if inputs are received from a botthat is located in Czechoslovakia or from a masked location, it may berecognized that a human is not attempting to access the secured resourceat the keypad location in Denver.

In some embodiments, determining 120 may additionally account forvarious known and/or learned physiological features of an authorizedhuman user. For example, if a human user is red-green color blind andsuch a trait is known and/or learned, the verification challenge mayprovide an arrangement of red objects, green objects, white objects, andother-colored objects and request that the user select all coloredobjects, while knowing that the red-green color blind user will notselect any of the red or green objects, but will select other-coloredobjects and omit the white objects. Thus, determining 120 may be basedon whether any red or green objects were selected.

If the determination 120 is that the user is human and/or authorized,access to the secured resource may be granted 145. However, if thedetermination 120 is that the user is non-human and/or unauthorized,access to the secured resource may be denied 125. Denial 125 of accessmay generally include disallowing the user from accessing the securedresource. In some embodiments, such as in instances when a bona fidehuman user or a bona fide authorized user makes an error during theverification challenge, he/she may be allowed to attempt theverification challenge again, at which the verification challenge may beprovided 110 again, and new inputs may be received 115 from the user. Insome embodiments, a different verification challenge may be provided110. In other embodiments, the same verification challenge may beprovided 110. In some embodiments, the number of times a user may beprovided 110 with a verification challenge without providing a correctresponse may be limited. Such a limitation may prevent recurringincorrect attempts by a non-human user to access the secured resource.The number of times that a verification challenge may be provided 110without receiving a correct response is not limited by this disclosure,and may include, for example, about 2 times, about 3 times, about 5times, about 10 times, or any value or range between any two of thesevalues (including endpoints).

In some embodiments, as shown in FIG. 2 , in addition to denying 225access to the determined 220 non-human or unauthorized user, the usermay be notified 230 of the denial of access. The notification 230 is notlimited by this disclosure, and may generally be any notification,including, but not limited to, a text notification, an audionotification, a video notification, an alert, and/or the like. In someembodiments, the type of notification may be dependent upon theinterface device used by the user to access the secured resource. Forexample, if the user attempts to access the secure device via asmartphone equipped with a speaker, the notification may be an audioalert, such as a chime or a ding, to notify the user of the denied 225access. In some embodiments, as described in greater detail herein, theuser may be provided 210 with the verification challenge again.

In some embodiments, as shown in FIG. 3 , in addition to denying 325access to the determined 320 non-human or unauthorized user, anadministrator may be notified of the denial of access. The administratoris not limited by this disclosure, and may be any person or entity thatmay benefit from such a notification 335. For example, a user or entitythat controls the secured resource may be notified 335. The notification335 is not limited herein, and may be any type of notification,including, but not limited to, a text notification, an audionotification, a video notification, an alert, identification of theresource, identification of the user interface and/or the device used toaccess the user interface, and/or the like. For example, thenotification 335 may be an email alert sent to the administrator notingthe details of the denied 325 access, such as, for example, the type ofverification challenge, the inputs that were received 315, varioussensor data that was obtained, location data, a date and time of thedenied access, and/or the like. In some embodiments, as described ingreater detail herein, the user may be provided 310 with theverification challenge again.

In some embodiments, as shown in FIG. 4 , in addition to denying 425access to the determined 420 non-human or unauthorized user, informationmay be recorded 440 regarding the denial of access. The information isnot limited by this disclosure, and may generally be any informationthat is pertinent to the denial 425 of access to the secured resource.Illustrative examples of information that may be recorded 440 include,but are not limited to, the type of verification challenge, the inputsthat were received 415, various sensor data that was obtained, locationdata, a date and time of the denied access, identification of theresource, identification of the user interface and/or the device used toaccess the user interface, and/or the like. In some embodiments, asdescribed in greater detail herein, the user may be provided 410 withthe verification challenge again.

FIG. 5 depicts an illustrative networked system according to anembodiment. The system may generally include at least one server 515 andat least one input device 505. The at least one server 515 maycommunicate with the at least one input device 505 via anycommunications protocol now known or later developed. In someembodiments, the server 515 and the input device 505 may communicate viaa network 500, such as, for example, the internet, an intranet, a widearea network, a personal network, and/or the like.

The server 515 may generally contain at least a portion of the securedresource and/or may be configured to provide access to the securedresource, as described in greater detail herein. The server 515 is notlimited by this disclosure, and may be any computing device and/orcomponents thereof, such as, for example, the computing device describedherein with respect to FIG. 6 .

The input device 505 may generally be a device that receives inputs froma user, as described in greater detail herein. In some embodiments, theinput device 505 may contain and/or implement a user interface to allowthe user to access the secured resource. In some embodiments, the inputdevice 505 may contain at least a portion of the secured resource in astorage device therein. The input device 505 is not limited by thisdisclosure, and may be any electronic device and/or components thereof,including, for example, at least one sensor 510. In some embodiments,the input device 505 may be a user's personal electronic device, suchas, for example, a computer, a smartphone, a tablet, and/or the like.

In some embodiments, the input device 505 may be a supplemental means ofproviding, receiving, and/or processing the inputs received from theuser. For example, the input device 505 may include an optical filtermodule in a touch screen interface that is configured to change a colorof a displayed object that is not directed by the server 515. Thus, forexample, the server 515 may request that a user click on all circlesthat are colored a certain way, but the input device 505 selects theactual coloring of each circle and never communicates coloring data tothe server 515. Such an arrangement may prevent a malicious attackerfrom attempting to bypass the input device 505 to access the securedresource directly from the server 515.

The input device 505 may additionally be configured to provideadditional information to the server 515 at the time it receives inputsfrom the user. For example, the input device 505 may be configured toreceive information from at least one sensor 510. The sensor mayinclude, but is not limited to, a biometric sensor, a camera, amicrophone, a touch sensor, a motion sensor, an accelerometer, abarometer, an infrared sensor, and/or the like, as described in greaterdetail herein. Illustrative information may include, but is not limitedto, biometric data of the user interacting with the input device 505,imaging information, sound information, touch information, pressureinformation, device movement information, device location, informationregarding the environment in which the device is located, and/or thelike. In some embodiments, the sensor 510 may be configured to sense theamount of pressure the user places on the input device 505 whenresponding to a challenge. In some embodiments, the sensor 510 mayreceive information regarding a user's eye movements. In someembodiments, the sensor 510 may receive information regardingenvironmental parameters, such as, for example, moisture and/or smoke.

FIG. 6 depicts a block diagram of illustrative internal hardware thatmay be used to contain or implement program instructions, such as theprocess steps discussed herein, according to various embodiments. A bus600 may serve as the main information highway interconnecting the otherillustrated components of the hardware. A CPU 605 is the centralprocessing unit of the system, performing calculations and logicoperations required to execute a program. The CPU 605, alone or inconjunction with one or more of the other elements disclosed in FIG. 6 ,is an illustrative processing device, computing device or processor assuch terms are used within this disclosure. Read only memory (ROM) 610and random access memory (RAM) 615 constitute illustrative memorydevices (i.e., processor-readable non-transitory storage media).

A controller 620 interfaces with one or more optional memory devices 625to the system bus 600. These memory devices 625 may include, forexample, an external or internal DVD drive, a CD ROM drive, a harddrive, flash memory, a USB drive, or the like. As indicated previously,these various drives and controllers are optional devices.

Program instructions, software, or interactive modules for providing theinterface and performing any querying or analysis associated with one ormore data sets may be stored in the ROM 610 and/or the RAM 615.Optionally, the program instructions may be stored on a tangiblecomputer-readable medium such as a compact disk, a digital disk, flashmemory, a memory card, a USB drive, an optical disc storage medium, suchas a Blu-Ray™ disc, and/or other non-transitory storage media.

An optional display interface 630 may permit information from the bus300 to be displayed on the display 635 in audio, visual, graphic, oralphanumeric format, such as the interface previously described herein.Communication with external devices, such as a print device, may occurusing various communication ports 640. An illustrative communicationport 640 may be attached to a communications network, such as theInternet, an intranet, or the like.

The hardware may also include an interface 645 which allows for receiptof data from input devices such as a keyboard 650 or other input device655 such as a mouse, a joystick, a touch screen, a remote control, apointing device, a video input device and/or an audio input device.

The hardware may also include a storage device 660 such as, for example,a connected storage device, a server, and an offsite remote storagedevice. Illustrative offsite remote storage devices may include harddisk drives, optical drives, tape drives, cloud storage drives, and/orthe like. The storage device 660 may be configured to store data asdescribed herein, which may optionally be stored on a database 665. Thedatabase 665 may be configured to store information in such a mannerthat it can be indexed and searched, as described herein.

The computing device of FIG. 6 and/or components thereof may be used tocarry out the various processes as described herein.

FIGS. 7-12 depict illustrative user interfaces according to variousembodiments. The various user interfaces described herein are notlimited by this disclosure and may be provided on any type of device.Illustrative examples include a computing device, an electronic device,a mobile device, and a physical installation, such as a freestanding PINpad or the like. Thus, a user may interact with the user interface byusing an interface device such as a keyboard, a mouse, a touch screen,and/or the like, or by interacting with physical elements. The userinterface may generally display information for the user in a mannerthat allows the user to visualize and/or manipulate the information. Insome embodiments, the user interface may provide a game, monitor theuser's inputs in following instructions, attempting the game, and/orcompleting the game, and/or store the inputs such that a user'stendencies can be learned. Some non-limiting, illustrative userinterfaces that may be used are described below.

FIG. 7 depicts an illustrative user interface, generally designated 700,according to an embodiment. The user interface 700 may generally beconfigured to provide a command area 705 containing instructions for theuser to follow and/or a response area 710 for receiving inputs from theuser in response to the instructions provided in the command area. Insome embodiments, the command area 705 may be provided at substantiallythe same time as the response area 710. In other embodiments, thecommand area 705 may be provided prior to the response area 710.Accordingly, the user may be required to remember the instructions inthe command area 705 before providing a response, thereby providing anadditional layer of protection against unauthorized users. As shown inFIG. 7 , the response area 710 may be a maze. In such a response area710, the user may generally be required to trace a path from a startportion to and end portion of the maze to verify that he/she is a humanuser to access the secured resource. In some embodiments, each path inthe maze taken by the user may be unique and may be known to the userbefore traversing the maze and/or traversed in a particular amount oftime. In some embodiments, the maze may include one or more signposts orthe like that may be traversed in a particular order that is unique tothe user.

Similar to FIG. 7 , FIG. 8 depicts an illustrative user interface,generally designated 800, according to an embodiment. The user interface800 may generally provide a command area 805 containing instructions forthe user to follow and/or a response area 810 for receiving inputs fromthe user in response to the instructions provided in the command area.In some embodiments, the command area 805 may be provided atsubstantially the same time as the response area 810. In otherembodiments, the command area 805 may be provided prior to the responsearea 810. Accordingly, the user may be required to remember theinstructions in the command area 805 before providing a response,thereby providing an additional layer of protection against unauthorizedusers. As shown in FIG. 8 , the response area 810 may contain aplurality of objects, such as, for example, balloons. Each object may bein a fixed location or may move around the user interface. In someembodiments, the location of each object may be random. Each object maycontain, for example, a character such as a number, a letter, a symbol,and/or the like. In such a response area 810, the user may generally berequired to complete a task to “input” a particular character. In someembodiments, the user may enter a specific sequence of characters suchas a PIN number by tapping and/or clicking on the object thatcorresponds to the specific sequence. In particular embodiments wherethe object is moving, the user may tap and/or click in varying locationsdepending on the location of the object containing the character he/shewishes to select. Such embodiments may discourage bots, which may not beable to track the movement of each object and/or select an appropriatesequence of characters. In addition, it may be difficult for ashoulder-surfing person to obtain the PIN code because of the randomplacement and/or movement of the objects.

FIG. 9 depicts an illustrative user interface, generally designated 900,according to an embodiment. The user interface 900 may generally providea command area 905 containing instructions for the user to follow, afirst response area 910, and/or a second response area 915. A user maygenerally provide one or more inputs in response to the command in atleast one of the first response area 910 and the second response area915. In some embodiments, the command area 905 may be provided atsubstantially the same time as at least one of the first response area910 and the second response area 915. In other embodiments, the commandarea 905 may be provided prior to at least one of the first responsearea 910 and the second response area 915. Accordingly, the user may berequired to remember the instructions in the command area 905 beforeproviding a response, thereby providing an additional layer ofprotection against unauthorized users. As shown in FIG. 9 , the firstresponse area 910 may contain a plurality of objects, such as, forexample, balloons. Each object may be in a fixed location or may movearound the user interface. In some embodiments, the location of eachobject may be random. Each object may contain, for example, a charactersuch as a number, a letter, a symbol, and/or the like. In the firstresponse area 910, the user may generally be required to complete a taskto “input” a particular character. In some embodiments, the user mayenter a specific sequence of characters such as a PIN number by tapping,clicking, and/or dragging on the object that corresponds to the specificsequence to the second response area 915. In particular embodimentswhere the object is moving, the user may tap and/or click in varyinglocations depending on the location of the object containing thecharacter he/she wishes to select. Such embodiments may discourage bots,which may not be able to track the movement of each object and/or selectan appropriate sequence of characters. In some embodiments, the user mayrearrange the objects in the second response area 915 after they havebeen moved from the first response area 910.

FIG. 10 depicts an illustrative user interface, generally designated1000, according to an embodiment. The user interface 1000 may generallyprovide a command area 1005 containing instructions for the user tofollow and/or a response area 1010 for receiving inputs from the user inresponse to the instructions provided in the command area. In someembodiments, the command area 1005 may be provided at substantially thesame time as the response area 1010. In other embodiments, the commandarea 1005 may be provided prior to the response area 1010. Accordingly,the user may be required to remember the instructions in the commandarea 1005 before providing a response, thereby providing an additionallayer of protection against unauthorized users. As shown in FIG. 10 ,the response area 1010 may contain a plurality of objects, such as, forexample, fruit. Thus, the objects in the response area 1010 may vary insize and/or shape. Each object may be in a fixed location or may movearound the user interface. In some embodiments, the location of eachobject may be random. Each object may contain, for example, a charactersuch as a number, a letter, a symbol, and/or the like. In such aresponse area 1010, the user may generally be required to complete atask to “input” a particular character, such as, for example, slicingthe fruit. In some embodiments, the user may enter a specific sequenceof characters such as a PIN number by tapping, clicking, swiping, and/orthe like on the object that corresponds to the specific sequence. Inparticular embodiments where the object is moving, the user may providean input in varying locations depending on the location of the objectcontaining the character he/she wishes to select. Such embodiments maydiscourage bots, which may not be able to track the movement of eachobject, select an appropriate sequence of characters, and/or provide thenecessary “slicing” motions.

FIG. 11 depicts an illustrative user interface, generally designated1100, according to an embodiment. The user interface 1100 may generallyprovide a command area 1105 containing instructions for the user tofollow and/or a response area 1110 for receiving inputs from the user inresponse to the instructions provided in the command area. In someembodiments, the command area 1105 may be provided at substantially thesame time as the response area 1110. In other embodiments, the commandarea 1105 may be provided prior to the response area 1110. In someembodiments, the command area 1105 may randomly change each time theuser attempts to access the user interface 1100. Accordingly, the usermay be required to remember the instructions in the command area 1105each time before providing a response, thereby providing an additionallayer of protection against unauthorized users. As shown in FIG. 11, theresponse area 1110 may contain a plurality of objects, such as, forexample, fruit. Thus, the objects in the response area 1110 may vary insize and/or shape. Each object may be in a fixed location or may movearound the user interface. In some embodiments, the location of eachobject may be random. In such a response area 1110, the user maygenerally be required to complete a task in response to the command,such as, for example, peel and/or slice a particular piece of fruit.Thus, the user may be required to recognize which piece of fruit is tobe manipulated, and must provide particular inputs that mimic the tasksrequested in the command area 1105. In particular embodiments where theobject is moving, the user may provide an input in varying locationsdepending on the location of the object he/she is requested tomanipulate. Such embodiments may discourage bots, which may not be ableto determine the difference between objects, track the movement of eachobject, select the appropriate object, and/or provide the necessarymotions corresponding to the required task.

FIG. 12 depicts an illustrative user interface, generally designated1200, according to an embodiment. The user interface 1200 may generallyprovide a command area 1205 containing instructions for the user tofollow and/or a response area 1210 for receiving inputs from the user inresponse to the instructions provided in the command area. In someembodiments, the command area 1205 may be provided at substantially thesame time as the response area 1210. In other embodiments, the commandarea 1205 may be provided prior to the response area 1210. Accordingly,the user may be required to remember the instructions in the commandarea 1205 before providing a response, thereby providing an additionallayer of protection against unauthorized users. As shown in FIG. 12 ,the response area 1210 may contain a plurality of objects. Each objectmay be in a fixed location or may move around the user interface. Insome embodiments, the location of each object may be random. Each objectmay contain, for example, a character such as a number, a letter, asymbol, and/or the like. In such a response area 1210, the user maygenerally be required to complete a task to “input” one or morecharacters. In some embodiments, the user may enter a specific sequenceof characters such as a PIN number by tapping and/or clicking on anyobject that does not correspond to the specific sequence to remove thecharacters. In particular embodiments where the object is moving, theuser may tap and/or click in varying locations depending on the locationof the object containing the character he/she wishes to remove. Suchembodiments may discourage bots, which may not be able to track themovement of each object and/or select an appropriate sequence ofcharacters.

In the above detailed description, reference is made to the accompanyingdrawings, which form a part hereof. In the drawings, similar symbolstypically identify similar components, unless context dictatesotherwise. The illustrative embodiments described in the detaileddescription, drawings, and claims are not meant to be limiting. Otherembodiments may be used, and other changes may be made, withoutdeparting from the spirit or scope of the subject matter presentedherein. It will be readily understood that the aspects of the presentdisclosure, as generally described herein, and illustrated in theFigures, can be arranged, substituted, combined, separated, and designedin a wide variety of different configurations, all of which areexplicitly contemplated herein.

The present disclosure is not to be limited in terms of the particularembodiments described in this application, which are intended asillustrations of various aspects. Many modifications and variations canbe made without departing from its spirit and scope, as will be apparentto those skilled in the art. Functionally equivalent methods andapparatuses within the scope of the disclosure, in addition to thoseenumerated herein, will be apparent to those skilled in the art from theforegoing descriptions. Such modifications and variations are intendedto fall within the scope of the appended claims. The present disclosureis to be limited only by the terms of the appended claims, along withthe full scope of equivalents to which such claims are entitled. It isto be understood that this disclosure is not limited to particularmethods, reagents, compounds, compositions or biological systems, whichcan, of course, vary. It is also to be understood that the terminologyused herein is for the purpose of describing particular embodimentsonly, and is not intended to be limiting.

With respect to the use of substantially any plural and/or singularterms herein, those having skill in the art can translate from theplural to the singular and/or from the singular to the plural as isappropriate to the context and/or application. The varioussingular/plural permutations may be expressly set forth herein for sakeof clarity.

It will be understood by those within the art that, in general, termsused herein, and especially in the appended claims (for example, bodiesof the appended claims) are generally intended as “open” terms (forexample, the term “including” should be interpreted as “including butnot limited to,” the term “having” should be interpreted as “having atleast,” the term “includes” should be interpreted as “includes but isnot limited to,” et cetera). While various compositions, methods, anddevices are described in terms of “comprising” various components orsteps (interpreted as meaning “including, but not limited to”), thecompositions, methods, and devices can also “consist essentially of” or“consist of” the various components and steps, and such terminologyshould be interpreted as defining essentially closed-member groups. Itwill be further understood by those within the art that if a specificnumber of an introduced claim recitation is intended, such an intentwill be explicitly recited in the claim, and in the absence of suchrecitation no such intent is present. For example, as an aid tounderstanding, the following appended claims may contain usage of theintroductory phrases “at least one” and “one or more” to introduce claimrecitations. However, the use of such phrases should not be construed toimply that the introduction of a claim recitation by the indefinitearticles “a” or “an” limits any particular claim containing suchintroduced claim recitation to embodiments containing only one suchrecitation, even when the same claim includes the introductory phrases“one or more” or “at least one” and indefinite articles such as “a” or“an” (for example, “a” and/or “an” should be interpreted to mean “atleast one” or “one or more”); the same holds true for the use ofdefinite articles used to introduce claim recitations. In addition, evenif a specific number of an introduced claim recitation is explicitlyrecited, those skilled in the art will recognize that such recitationshould be interpreted to mean at least the recited number (for example,the bare recitation of “two recitations,” without other modifiers, meansat least two recitations, or two or more recitations). Furthermore, inthose instances where a convention analogous to “at least one of A, B,and C, et cetera” is used, in general such a construction is intended inthe sense one having skill in the art would understand the convention(for example, “a system having at least one of A, B, and C” wouldinclude but not be limited to systems that have A alone, B alone, Calone, A and B together, A and C together, B and C together, and/or A,B, and C together, et cetera). In those instances where a conventionanalogous to “at least one of A, B, or C, et cetera” is used, in generalsuch a construction is intended in the sense one having skill in the artwould understand the convention (for example, “a system having at leastone of A, B, or C” would include but not be limited to systems that haveA alone, B alone, C alone, A and B together, A and C together, B and Ctogether, and/or A, B, and C together, et cetera). It will be furtherunderstood by those within the art that virtually any disjunctive wordand/or phrase presenting two or more alternative terms, whether in thedescription, claims, or drawings, should be understood to contemplatethe possibilities of including one of the terms, either of the terms, orboth terms. For example, the phrase “A or B” will be understood toinclude the possibilities of “A” or “B” or “A and B.”

In addition, where features or aspects of the disclosure are describedin terms of Markush groups, those skilled in the art will recognize thatthe disclosure is also thereby described in terms of any individualmember or subgroup of members of the Markush group.

As will be understood by one skilled in the art, for any and allpurposes, such as in terms of providing a written description, allranges disclosed herein also encompass any and all possible subrangesand combinations of subranges thereof. Any listed range can be easilyrecognized as sufficiently describing and enabling the same range beingbroken down into at least equal halves, thirds, quarters, fifths,tenths, et cetera As a non-limiting example, each range discussed hereincan be readily broken down into a lower third, middle third and upperthird, et cetera As will also be understood by one skilled in the artall language such as “up to,” “at least,” and the like include thenumber recited and refer to ranges which can be subsequently broken downinto subranges as discussed above. Finally, as will be understood by oneskilled in the art, a range includes each individual member. Thus, forexample, a group having 1-3 cells refers to groups having 1, 2, or 3cells. Similarly, a group having 1-5 cells refers to groups having 1, 2,3, 4, or 5 cells, and so forth.

Various of the above-disclosed and other features and functions, oralternatives thereof, may be combined into many other different systemsor applications. Various presently unforeseen or unanticipatedalternatives, modifications, variations or improvements therein may besubsequently made by those skilled in the art, each of which is alsointended to be encompassed by the disclosed embodiments.

What is claimed is:
 1. A system comprising: a processor; and anon-transitory, processor-readable storage medium, wherein thenon-transitory, processor-readable storage medium comprises one or moreprogramming instructions that, when executed, cause the processor to:receive data associated with a request to access a secured resource;provide one or more verification challenges to one or more users via auser interface, wherein each verification challenge comprises a gamefrom a set of one or more games; receive input from at least one of theone or more users in response to at least one verification challenge,the received input comprising at least one gameplay input; compare thereceived input against known information, wherein at least a portion ofthe known information comprises at least one of: information associatedwith the one or more users or gameplay associated with the one or moregames; and determine, based on the comparison, at least one of: that thereceived input corresponds to at least one parameter indicative of anauthorized user; that the received input does not correspond to at leastone parameter indicative of an authorized user; that the received inputcorresponds to at least one parameter indicative of an unauthorizeduser; and that the received input does not correspond to at least oneparameter indicative of an unauthorized user.
 2. The system of claim 1,wherein the received input further comprises at least one additionalinput.
 3. The system of claim 1, wherein the at least one of the one ormore users comprises a plurality of users.
 4. The system of claim 1,wherein the received input further comprises information, related toanother user, that is known to the at least one of the one or moreusers.
 5. The system of claim 1, further comprising one or moreprogramming instructions that, when executed, cause the processor togrant the at least one of the one or more users access to the securedresource.
 6. The system of claim 1, wherein the one or more programminginstructions that, when executed, cause the processor to determinefurther comprises one or more programming instructions that, whenexecuted, cause the processor to determine that the at least one of theone or more users is sufficiently cognitively aware.
 7. The system ofclaim 1, further comprising one or more programming instructions that,when executed, cause the processor to identify one or more physiologicalfeatures of the at least one of the one or more users based on thereceived input.
 8. The system of claim 1, wherein at least one of theone or more verification challenges further comprises one or morecharacteristics attuned to one or more physiological features of the atleast one of the one or more users.
 9. The system of claim 8, whereinthe received input comprises at least one variable corresponding to theone or more characteristics.
 10. The system of claim 1, wherein at leastone of the one or more verification challenges further comprises one ormore temporal characteristics.
 11. The system of claim 1, furthercomprising one or more programming instructions that, when executed,cause the processor to identify one or more features of the receivedinput indicating that the at least one of the one or more users is underduress.
 12. The system of claim 1, further comprising one or moresensors operatively connected to the processor, wherein the receivedinput further comprises one or more sensor inputs.
 13. The system ofclaim 12, wherein the one or more programming instructions that, whenexecuted, cause the processor to compare the received input againstknown information further comprises one or more programming instructionsthat, when executed, cause the processor to compare the one or moresensor inputs against the known information.
 14. The system of claim 12,wherein the one or more sensors are positional sensors.
 15. The systemof claim 1, wherein the one or more programming instructions that, whenexecuted, cause the processor to compare the received input againstknown information further comprise one or more programming instructionsthat, when executed, cause the processor to apply, to the receivedinput, a pre-existing rule, the pre-existing rule being known to thesystem and the user interface.
 16. The system of claim 1, furthercomprising one or more programming instructions that, when executed,cause the processor to provide, responsive to determining that thereceived input does correspond to at least one parameter indicative ofan unauthorized user, the at least one of the one or more users with atleast one additional verification challenge.
 17. The system of claim 1,further comprising one or more programming instructions that, whenexecuted, cause the processor to provide, responsive to determining thatthe received input does not correspond to at least one parameterindicative of an authorized user, the at least one of the one or moreusers with at least one additional verification challenge.
 18. Thesystem of claim 1, wherein the game comprises at least one of a floatingballoon game, a maze game, a cutting game, a puzzle game, and a memorygame.
 19. The system of claim 1, wherein the game is randomly selectedfrom a plurality of games or game formats.
 20. The system of claim 1,wherein the at least one parameter comprises at least one of a passcode,a completion of an assigned task, an amount of time that has elapsedbetween providing the at least one verification challenge and receivingat least a portion of the received input, a known physical trait of anauthorized user, and a location of an electronic device.
 21. The systemof claim 20, wherein the at least one parameter comprises the amount oftime that has elapsed between providing the at least one verificationchallenge and receiving at least a portion of the received input, andwherein the amount of time is greater than a minimum amount of time andless than a maximum amount of time.
 22. The system of claim 20, whereinthe at least one parameter comprises the amount of time that has elapsedbetween providing the at least one verification challenge and receivingat least a portion of the received input, and wherein the amount of timeis less than a minimum amount of time or greater than a maximum amountof time.
 23. The system of claim 1, further comprising one or moreprogramming instructions that, when executed, cause the processor to:responsive to determining that the received input does not correspond toat least one parameter indicative of an authorized user at least one of:provide a notification of denied access to the at least one of the oneor more users; provide a notification of denied access to anadministrator; and direct a storage device to record identifyinginformation of the at least one of the one or more users.
 24. The systemof claim 1, further comprising one or more programming instructionsthat, when executed, cause the processor to: responsive to determiningthat the received input does correspond to at least one parameterindicative of an unauthorized user at least one of: provide anotification of denied access to the at least one of the one or moreusers; provide a notification of denied access to an administrator; anddirect a storage device to record identifying information of the atleast one of the one or more users.
 25. The system of claim 1, furthercomprising one or more programming instructions that, when executed,cause the processor to direct a storage device to record identifyinginformation of the at least one of the one or more users.
 26. A methodcomprising: receiving, by a processor, data associated with a request toaccess a secured resource; providing, by the processor, one or moreverification challenges to one or more users via a user interface,wherein each verification challenge comprises a game from a set of oneor more games; receiving, by the processor, input from at least one ofthe one or more users in response to at least one verification challengeof the one or more verification challenges, the received inputcomprising at least one gameplay input; comparing, by the processor, thereceived input against known information, wherein at least a portion ofthe known information comprises at least one of: information associatedwith the one or more users or gameplay associated with the one or moregames; and determining, based on the comparison, at least one of: thatthe received input corresponds to at least one parameter indicative ofan authorized user; that the received input does not correspond to atleast one parameter indicative of an authorized user; that the receivedinput corresponds to at least one parameter indicative of anunauthorized user; and that the received input does not correspond to atleast one parameter indicative of an unauthorized user.
 27. The methodof claim 26, wherein the received input further comprises at least oneadditional input.
 28. The method of claim 26, wherein the at least oneof the one or more users comprises a plurality of users.
 29. The methodof claim 26, wherein the received input further comprises information,related to another user, that is known to the at least one of the one ormore users.
 30. The method of claim 26, further comprising granting, bythe processor, the at least one of the one or more users access to thesecured resource.
 31. The method of claim 26, wherein the determiningfurther comprises, determining that the at least one of the one or moreusers is sufficiently cognitively aware.
 32. The method of claim 26,further comprising identifying, by the processor, one or morephysiological features of the at least one of the one or more usersbased on the received input.
 33. The method of claim 26, wherein atleast one of the one or more verification challenges further comprisesone or more characteristics attuned to one or more physiologicalfeatures of the at least one of the one or more users.
 34. The method ofclaim 33, wherein the received input comprises at least one variablecorresponding to the one or more characteristics.
 35. The method ofclaim 26, wherein at least one of the one or more verificationchallenges further comprises one or more temporal characteristics. 36.The method of claim 26, further comprising identifying, by theprocessor, one or more features of the received input indicating thatthe at least one of the one or more users is under duress.
 37. Themethod of claim 26, wherein the received input further comprises one ormore sensor inputs from one or more sensors.
 38. The method of claim 37,wherein comparing the received input against known information furthercomprises comparing the one or more sensor inputs against the knowninformation.
 39. The method of claim 37, wherein the one or more sensorsare positional sensors.
 40. The method of claim 26, wherein comparingthe received input against known information further comprises:applying, by the processor, to the received input, a pre-existing rule,the pre-existing rule being known to the processor and the userinterface.
 41. The method of claim 26, responsive to determining thatthe received input corresponds to at least one parameter indicative ofan unauthorized user further comprises providing, by the processor, theat least one of the one or more users with at least one additionalverification challenge.
 42. The method of claim 26, responsive todetermining that the received input does not correspond to at least oneparameter indicative of an authorized user further comprises providing,by the processor, the at least one of the one or more users with atleast one additional verification challenge.
 43. The method of claim 26,wherein the game comprises at least one of a floating balloon game, amaze game, a cutting game, a puzzle game, and a memory game.
 44. Themethod of claim 26, wherein the game is randomly selected from aplurality of games or game formats.
 45. The method of claim 26, whereinthe at least one parameter comprises at least one of a passcode, acompletion of an assigned task, an amount of time that has elapsedbetween providing the at least one verification challenge and receivingat least a portion of the received input, a known physical trait of anauthorized user, and a location of an electronic device.
 46. The methodof claim 45, wherein the at least one parameter comprises the amount oftime that has elapsed between providing the at least one verificationchallenge and receiving at least a portion of the received input, andwherein the amount of time is greater than a minimum amount of time andless than a maximum amount of time.
 47. The method of claim 45, whereinthe at least one parameter comprises the amount of time that has elapsedbetween providing the at least one verification challenge and receivingat least a portion of the received input, and wherein the amount of timeis less than a minimum amount of time or greater than a maximum amountof time.
 48. The method of claim 26, further comprising: responsive todetermining that the received input does not correspond to at least oneparameter indicative of an authorized user at least one of: providing,by the processor, a notification of denied access to the at least one ofthe one or more users; providing, by the processor, a notification ofdenied access to an administrator; and directing, by the processor, astorage device to record identifying information of the at least one ofthe one or more users.
 49. The method of claim 26, further comprising:responsive to determining that the received input does correspond to atleast one parameter indicative of an unauthorized user at least one of:providing, by the processor, a notification of denied access to the atleast one of the one or more users; providing, by the processor, anotification of denied access to an administrator; and directing, by theprocessor, a storage device to record identifying information of the atleast one of the one or more users.
 50. The method of claim 26, furthercomprising directing, by the processor, a storage device to recordidentifying information of the at least one of the one or more users.51. The system of claim 1, wherein at least a portion of the receivedinput is used for at least one of the following: mining data, retrievinginformation, organizing data, sorting data, indexing data, gatheringanalytics, solving known problems, solving scientific problems,customizing advertising content, and operating a recommendations system.52. The system of claim 1, wherein the known information comprises oneor more learned user characteristics associated with at least one knownuser, and wherein the received input is further compared against atleast one of the one or more learned user characteristics.
 53. Thesystem of claim 52, wherein at least one of the one or more learned usercharacteristics are based on at least one of: behavior tendencies of theat least one known user, cognitive tendencies of the at least one knownuser, gameplay of the at least one known user, and data specific to theat least one known user.
 54. The system of claim 52, wherein each of theone or more learned user characteristics are associated with at leastone of an authorized user or an unauthorized user.
 55. The system ofclaim 52, wherein the one or more programming instructions furthercomprise one or more programming instructions that, when executed, causethe processor to identify one or more known users.
 56. The system ofclaim 1, further comprising one or more programming instructions that,when executed, cause the processor to direct a storage device to modifythe known information based on the received input.
 57. The system ofclaim 56, wherein the one or more programming instructions that, whenexecuted, cause the processor to provide the one or more verificationchallenges further comprise one or more programming instructions that,when executed, cause the processor to adapt the one or more verificationchallenges based on the modified known information.
 58. The system ofclaim 56, wherein the one or more programming instructions furthercomprise using the modified known information to generate one or moreadditional requests to access at least one of: the secured resource orat least one additional secured resource.
 59. The system of claim 1,wherein the one or more programming instructions that, when executed,cause the processor to provide the one or more verification challengesfurther comprises one or more programming instructions that, whenexecuted, cause the processor to modify the one or more verificationchallenges in real time based on at least one of the known informationor the received input.
 60. The system of claim 1, wherein the one ormore programming instructions that, when executed, cause the processorto provide the one or more verification challenges further comprises oneor more programming instructions that, when executed, cause theprocessor to select the one or more verification challenges from aplurality of verification challenges based on at least one of the knowninformation or the data associated with a request to access a securedresource.
 61. The system of claim 1, wherein the known informationcomprises information selected from the group consisting of informationassociated with the at least one of the one or more users, and gameplayassociated with one or more games.
 62. The method of claim 26, whereinat least a portion of the received input is used for at least one of thefollowing: mining data, retrieving information, organizing data, sortingdata, indexing data, gathering analytics, solving known problems,solving scientific problems, customizing advertising content, andoperating a recommendations system.
 63. The method of claim 26, whereinthe known information comprises one or more learned user characteristicsassociated with at least one known user, and wherein the received inputis further compared against at least one of the one or more learned usercharacteristics.
 64. The method of claim 63, wherein at least one of theone or more learned user characteristics are based on at least one of:behavior tendencies of the at least one known user, cognitive tendenciesof the at least one known user, gameplay of the at least one known user,and data specific to the at least one known user.
 65. The method ofclaim 63, wherein each of the one or more learned user characteristicsare associated with at least one of an authorized user or anunauthorized user.
 66. The method of claim 63, wherein the determiningfurther comprises identifying, by the processor, one or more knownusers.
 67. The method of claim 26, further comprising modifying, by theprocessor, the known information based on the received input.
 68. Themethod of claim 67, wherein providing, by the processor, one or moreverification challenges, further comprises adapting, by the processor,one or more verification challenges based on the modified knowninformation.
 69. The method of claim 67, wherein the modified knowninformation is used to generate one or more additional requests toaccess at least one of: the secured resource or at least one additionalsecured resource.
 70. The method of claim 26, wherein providing the oneor more verification challenges further comprises selecting, by theprocessor, the one or more verification challenges from a plurality ofverification challenges, wherein the selection is based on at least oneof the known information or the data associated with a request to accessa secured resource.
 71. The method of claim 26, wherein providing theone or more verification challenges further comprises modifying, by theprocessor, the one or more verification challenges in real time based onat least one of the known information or the received input.
 72. Themethod of claim 26, wherein the known information comprises informationselected from the group consisting of: information associated with theat least one of the one or more users, and gameplay associated with oneor more games.